PT-2023-21570 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.1.0.beta3 Description: The issue allows attackers to bypass Discourse's server-side request forgery SSRF protection for private IPv4 addresses by using an IPv4-mapped IPv6 address. Recommendations: For versions...